Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Don’t miss the Linux Security Summit, be sure to register now! 
View analytic
Thursday, August 25 • 15:45 - 16:30
Minijail: Running Untrusted Programs Safely - Jorge Lucangeli Obes, Google

Sign up or log in to save this to your schedule and see who's attending!

The Linux kernel provides several sandboxing, containment and privilege-dropping features. Many of these features provide the same functionality, while others compose nicely to create de-privileged running environments for executing untrusted code.

In this talk we’ll describe Minijail, a sandboxing and containment tool initially developed for Chrome OS and now used across Google, including client platforms (like Android) and server environments (like Chrome’s fuzzing infrastructure ClusterFuzz). Minijail is also used outside of Google to create sandboxed environments in coding competitions, build farms and everything in between.

Finally, we’ll describe how Minijail is used in Chrome OS to implement a containerized version of Android that allows Chrome OS devices to run Android applications natively.

Speakers
avatar for Jorge Lucangeli Obes

Jorge Lucangeli Obes

Software Engineer, Google Inc.
Jorge is the platform security lead for Brillo, Google's Android-based operating system for Internet-connected devices. Before working on Brillo and Android, Jorge worked on Chrome OS security. He has presented on Chrome OS security at Ekoparty, IATP Secure By Default (organized by CESG), and internal security summits at Google.


Thursday August 25, 2016 15:45 - 16:30
Harbour C

Attendees (10)